alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  
/*
 * $Header: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/server/ProxyAuthRequestHandler.java,v 1.1.2.1 2003/12/05 21:02:52 oglueck Exp $
 * $Revision: 1.1.2.1 $
 * $Date: 2003/12/05 21:02:52 $
 *
 * ====================================================================
 *
 * The Apache Software License, Version 1.1
 *
 * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
 * reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution, if
 *    any, must include the following acknowlegement:
 *       "This product includes software developed by the
 *        Apache Software Foundation (http://www.apache.org/)."
 *    Alternately, this acknowlegement may appear in the software itself,
 *    if and wherever such third-party acknowlegements normally appear.
 *
 * 4. The names "The Jakarta Project", "Commons", and "Apache Software
 *    Foundation" must not be used to endorse or promote products derived
 *    from this software without prior written permission. For written
 *    permission, please contact apache@apache.org.
 *
 * 5. Products derived from this software may not be called "Apache"
 *    nor may "Apache" appear in their names without prior written
 *    permission of the Apache Group.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * .
 *
 * [Additional notices, if required by prior licensing conditions]
 *
 */

package org.apache.commons.httpclient.server;

import java.io.IOException;

import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.auth.AuthenticationException;
import org.apache.commons.httpclient.auth.BasicScheme;
import org.apache.commons.httpclient.auth.HttpAuthenticator;
import org.apache.commons.httpclient.auth.MalformedChallengeException;

/**
 * This request handler guards access to a proxy when used in a 
 * request handler chain. It checks the headers for valid credentials
 * and performs the authentication handshake if necessary.
 * 
 * @author Ortwin Glueck
 */
public class ProxyAuthRequestHandler implements HttpRequestHandler {
	private Credentials credentials;
	
	/**
	 * TODO replace creds parameter with a class specific to an auth scheme encapsulating all required information for a specific scheme
	 * @param creds
	 */
	public ProxyAuthRequestHandler(Credentials creds)  {
		if (creds == null) throw new IllegalArgumentException("Credentials can not be null");
		this.credentials = creds;
	}

	public boolean processRequest(SimpleHttpServerConnection conn)
		throws IOException {
		Header[] headers = conn.getHeaders();
		Header clientAuth = findHeader(headers, HttpAuthenticator.PROXY_AUTH_RESP);
		if (clientAuth != null) {
			boolean ok = checkAuthorization(clientAuth);
			if (ok) conn.connectionKeepAlive();
			return !ok;
		} else {
			performHandshake(conn);
		}
		return true;
	}
	
	/**
	 * @param conn
	 */
	private void performHandshake(SimpleHttpServerConnection conn) throws IOException {
		Header challenge = createChallenge();
		ResponseWriter out = conn.getWriter();
		out.println("HTTP/1.1 407 Proxy Authentication Required");
		out.print(challenge.toExternalForm());
		out.print(new Header("Proxy-Connection", "Keep-Alive").toExternalForm());
		out.print(new Header("Content-Length", "0").toExternalForm());
		out.println();
		out.flush();
		conn.connectionKeepAlive();
	}

	/**
	 * 
	 * @return
	 */
	private Header createChallenge() {
		Header header = new Header();
		header.setName(HttpAuthenticator.PROXY_AUTH);
		//TODO add more auth schemes
		String challenge = "basic realm=test";
		header.setValue(challenge);
		return header;
	}

	/**
	 * Checks if the credentials provided by the client match the required credentials
	 * @return true if the client is authorized, false if not.
	 * @param clientAuth
	 */
	private boolean checkAuthorization(Header clientAuth) {
		// TODO Auto-generated method stub
		BasicScheme scheme;
		try {
			scheme = new BasicScheme("basic realm=test");
			String expectedAuthString = scheme.authenticate(credentials, null, null);
			return expectedAuthString.equals(clientAuth.getValue());
		} catch (MalformedChallengeException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} catch (AuthenticationException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return false;
	}

	private Header findHeader(Header[] headers, String name) {
		for(int i=0; i

... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

 

Copyright 1998-2024 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.